
Microsoft released five updates for this month's Patch Tuesday. Two of the updates are critical and three are important. Both critical updates address remote code execution vulnerabilities.

One of the critical security updates addresses 18 vulnerabilities in Internet Explorer (IE), which could be exploited if end users view malicious websites in IE. The update is rated critical for IE versions 6 through 11 on affected Windows clients. The fix for a single zero-day vulnerability, which received an out-of-band patch in February, is included in this cumulative update for wider distribution.

This is the second month in a row with a large number of critical updates for IE vulnerabilities. In February, Microsoft delivered a super-sized patch to fix 24 critical vulnerabilities in IE.

The second critical security update addresses a vulnerability in Microsoft DirectShow that could be exploited if an end user opens a malicious image file. This update affects most versions of Windows clients and Windows servers.

Despite its critical rating, the DirectShow vulnerability is much more difficult to exploit than browser vulnerabilities, said Wolfgang Kandek, chief technology officer of Qualys, Inc., based in Redwood Shores, Calif.

The important security updates in this Patch Tuesday cycle address elevation of privilege and security feature bypass vulnerabilities. One important update addresses an elevation of privilege vulnerability in Windows kernel-mode drivers.

The other two important security updates address security feature bypass vulnerabilities in the Security Account Manager Remote (SAMR) protocol and in Microsoft Silverlight. The SAMR protocol vulnerability could be exploited by attackers who repeatedly attempt to match passwords to usernames.

The vulnerability would allow attackers to bypass the expected lock-out mechanism to break into an account, Kandek said.

The Silverlight vulnerability could also be exploited if end users click on malicious links in emails, instant messages or banner advertisements.

Windows XP, Office 2003 end-of-life looms

All five of March's bulletins include Windows XP, and you will "only see patches in Vista or above" beginning in May, Kandek said.

"At least some of them, I'm guessing a majority of them, will apply to XP," because of the shared codebase that wasn't rewritten later, he said.

This potentially opens a window for an attacker to look at vulnerabilities patched in Windows Vista and check whether the same vulnerability is present in the unpatched Windows XP, said Kandek.

There are things you can do to secure the operating system in the meantime. Kandek suggests using a browser that will continue to be supported (Google Chrome and Mozilla Firefox are both expected to continue receiving security updates).

But there is still inherent risk in running Windows XP on a network: malware extends its reach through neighboring machines, and a lot of malware goes undetected by antimalware software, said Kandek.
